diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2006-11-18 16:27:35 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2006-11-18 16:27:35 +0000 |
| commit | e264a62b731d29389ba0a4a3548070e259e373c0 (patch) | |
| tree | 8b4c935deb992a577cedd8123a46b2fcaf128d6d /phpBB/includes/auth.php | |
| parent | 5f788b4d08838dec5e8168f2efd515859224a3a4 (diff) | |
| download | forums-e264a62b731d29389ba0a4a3548070e259e373c0.tar forums-e264a62b731d29389ba0a4a3548070e259e373c0.tar.gz forums-e264a62b731d29389ba0a4a3548070e259e373c0.tar.bz2 forums-e264a62b731d29389ba0a4a3548070e259e373c0.tar.xz forums-e264a62b731d29389ba0a4a3548070e259e373c0.zip | |
- a handful of mcp fixed, the most important one is the change for check_ids() - it is now supporting ids from more than one forum too, making it possible to use some mcp features as designed initially. We really need to get our moderator team testing the mcp extensively.
- fixed some other tiny glitches
- if a forum category with subforums get changed to a link type forum give options of what to do with the subforums (#5334)
- other bugfixes
git-svn-id: file:///svn/phpbb/trunk@6601 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/auth.php')
| -rw-r--r-- | phpBB/includes/auth.php | 52 |
1 files changed, 29 insertions, 23 deletions
diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index 8ee4a23abb..c174fc6769 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -478,11 +478,11 @@ class auth $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : ''; $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; - $sql_opts = $sql_escape = ''; + $sql_opts = ''; if ($opts !== false) { - $this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts, $sql_escape); + $this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts); } $hold_ary = array(); @@ -512,7 +512,7 @@ class auth 'ORDER_BY' => 'a.forum_id, ao.auth_option' )); - $result = $db->sql_query($sql . $sql_escape); + $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { @@ -588,11 +588,11 @@ class auth $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : ''; $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; - $sql_opts = $sql_escape = ''; + $sql_opts = ''; if ($opts !== false) { - $this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts, $sql_escape); + $this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts); } $hold_ary = array(); @@ -620,7 +620,7 @@ class auth 'ORDER_BY' => 'a.forum_id, ao.auth_option' )); - $result = $db->sql_query($sql . $sql_escape); + $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { @@ -642,11 +642,11 @@ class auth $sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? "group_id = $group_id" : $db->sql_in_set('group_id', $group_id)) : ''; $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; - $sql_opts = $sql_escape = ''; + $sql_opts = ''; if ($opts !== false) { - $this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts, $sql_escape); + $this->build_auth_option_statement('ao.auth_option', $opts, $sql_opts); } $hold_ary = array(); @@ -674,7 +674,7 @@ class auth 'ORDER_BY' => 'a.forum_id, ao.auth_option' )); - $result = $db->sql_query($sql . $sql_escape); + $result = $db->sql_query($sql); while ($row = $db->sql_fetchrow($result)) { @@ -791,7 +791,7 @@ class auth /** * Fill auth_option statement for later querying based on the supplied options */ - function build_auth_option_statement($key, $auth_options, &$sql_opts, &$sql_escape) + function build_auth_option_statement($key, $auth_options, &$sql_opts) { global $db; @@ -802,7 +802,7 @@ class auth if (strpos($auth_options, '_') !== false) { $sql_opts = "AND $key LIKE '" . $db->sql_escape(str_replace('_', "\_", $auth_options)) . "'"; - $sql_escape = ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\'" : ''; + $sql_opts .= ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\' " : ''; } else { @@ -816,7 +816,7 @@ class auth } else { - $is_like_expression = $is_underline = false; + $is_like_expression = false; foreach ($auth_options as $option) { @@ -824,11 +824,6 @@ class auth { $is_like_expression = true; } - - if (strpos($option, '_') !== false) - { - $is_underline = true; - } } if (!$is_like_expression) @@ -841,15 +836,26 @@ class auth foreach ($auth_options as $option) { - $sql[] = $key . " LIKE '" . $db->sql_escape(str_replace('_', "\_", $option)) . "'"; + if (strpos($option, '%') !== false) + { + if (strpos($option, '_') !== false) + { + $_sql = $key . " LIKE '" . $db->sql_escape(str_replace('_', "\_", $option)) . "'"; + $_sql .= ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\'" : ''; + $sql[] = $_sql; + } + else + { + $sql[] = $key . " LIKE '" . $db->sql_escape($option) . "'"; + } + } + else + { + $sql[] = $key . " = '" . $db->sql_escape($option) . "'"; + } } $sql_opts = 'AND (' . implode(' OR ', $sql) . ')'; - - if ($is_underline) - { - $sql_escape = ($db->sql_layer == 'mssql' || $db->sql_layer == 'mssql_odbc') ? " ESCAPE '\\'" : ''; - } } } } |